This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/knfgydTbtPVjZVtEbY8Dt325t7w.roa File: knfgydTbtPVjZVtEbY8Dt325t7w.roa (raw, json) Hash identifier: cwzl/tzUbgJEUKYnb9bVrqIFpWiWIF7mTjZcgeIQ9Qs= Subject key identifier: 92:77:E0:C9:D4:DB:B4:F5:63:65:5B:44:6D:8F:03:B7:7D:B9:B7:BC Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 5059 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/knfgydTbtPVjZVtEbY8Dt325t7w.roa Signing time: Sun 05 May 2024 17:23:55 +0000 ROA not before: Sun 05 May 2024 17:23:55 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.0.0/19 maxlen: 19 101.78.32.0/19 maxlen: 19 103.35.0.0/19 maxlen: 19 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 20569 (0x5059) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: May 5 17:23:55 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=9277E0C9D4DBB4F563655B446D8F03B77DB9B7BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:05:b1:51:03:9d:d7:67:5a:87:b1:24:d9:2d: 01:4f:25:42:dc:bb:d3:3a:ac:42:da:7e:e2:97:51: 01:62:60:10:e8:fd:a2:af:3a:2b:0b:60:a3:eb:8c: 9c:e3:ad:a2:cf:69:dd:fd:3b:2a:53:3e:94:d8:fd: ce:98:5a:69:f8:79:bc:99:1d:68:2c:39:04:af:81: c3:44:aa:ca:45:ce:9a:fb:34:f2:89:64:0c:74:2d: 3a:a5:54:38:57:7d:c1:82:18:d0:5e:48:9c:23:a2: 06:a9:b6:21:0d:f5:bd:18:67:5a:a0:97:db:cc:fa: a1:d4:be:27:f0:2a:60:af:eb:10:ca:fd:3a:84:56: 5b:74:cc:dc:32:c3:d7:52:b2:58:51:88:e6:14:db: b4:ad:bc:86:01:25:d2:fc:11:d0:68:5f:ca:59:0c: 05:a6:83:de:07:84:b8:92:52:3a:7f:68:8a:fe:20: 71:38:c1:ed:8d:cd:91:a9:a8:be:cc:a1:e1:28:cc: 6c:e0:37:51:72:00:4a:ab:dc:65:50:9a:48:a0:a4: ee:39:e2:3f:71:25:1f:9c:26:d8:f1:ba:4c:1c:55: 86:14:0a:1d:79:0e:8f:f1:5c:04:f0:09:ed:f9:ee: f9:aa:96:0d:f7:4b:36:9f:9a:d3:47:68:97:5a:8b: 4a:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:77:E0:C9:D4:DB:B4:F5:63:65:5B:44:6D:8F:03:B7:7D:B9:B7:BC X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/knfgydTbtPVjZVtEbY8Dt325t7w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.0.0/19 101.78.32.0/19 103.35.0.0/19 Signature Algorithm: sha256WithRSAEncryption af:3f:18:9b:46:c5:92:e3:b2:fa:86:af:d4:b0:b1:1e:e5:d0: 60:91:5a:01:7a:6c:12:25:df:b8:ed:02:cd:f9:6f:2a:a4:2e: 97:85:4e:6f:39:25:89:cc:be:1c:97:8a:c8:ec:83:bd:54:28: cf:19:12:a0:c6:e6:43:8e:c5:3c:51:af:9d:10:72:49:86:20: 81:e8:93:68:f0:60:4d:75:47:0d:61:9d:08:a9:b5:e6:fd:b5: 35:87:e2:90:ea:2e:08:46:07:e8:ac:4e:26:2a:ff:ea:ba:92: d8:7e:02:d3:96:0f:d3:8a:96:ac:ad:89:be:d7:d4:76:e8:09: 43:e6:55:da:2a:ae:31:de:a4:31:58:e1:c9:bd:d3:b3:b8:f2: 1b:79:94:c8:8b:1f:d3:7e:e1:ac:58:fd:53:7b:49:ef:17:cc: 07:12:8b:45:19:50:89:7d:42:b6:23:6a:2f:c5:42:ec:fa:7f: 5a:a3:ae:5e:59:06:92:cb:6a:f9:8f:df:1c:96:58:40:91:2f: ea:ba:29:f5:85:5c:dc:25:ff:24:f7:ac:a9:83:5a:76:ba:07: 41:76:41:f4:2d:85:30:1b:2a:26:bc:ad:fa:f1:c5:f5:7c:35: 5e:f1:17:94:8c:20:31:42:30:a8:90:a0:f5:06:d1:55:7c:77: ca:7f:b5:fc -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICUFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx NzIzNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkyNzdFMEM5RDREQkI0 RjU2MzY1NUI0NDZEOEYwM0I3N0RCOUI3QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4BbFRA53XZ1qHsSTZLQFPJULcu9M6rELafuKXUQFiYBDo/aKv OisLYKPrjJzjraLPad39OypTPpTY/c6YWmn4ebyZHWgsOQSvgcNEqspFzpr7NPKJ ZAx0LTqlVDhXfcGCGNBeSJwjogaptiEN9b0YZ1qgl9vM+qHUvifwKmCv6xDK/TqE Vlt0zNwyw9dSslhRiOYU27StvIYBJdL8EdBoX8pZDAWmg94HhLiSUjp/aIr+IHE4 we2NzZGpqL7MoeEozGzgN1FyAEqr3GVQmkigpO454j9xJR+cJtjxukwcVYYUCh15 Do/xXATwCe357vmqlg33SzafmtNHaJdai0qXAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUknfgydTbtPVjZVtEbY8Dt325t7wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tuZmd5ZFRidFBWalpW dEViWThEdDMyNXQ3dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK8/GJtGxZLjsvqG r9SwsR7l0GCRWgF6bBIl37jtAs35byqkLpeFTm85JYnMvhyXisjsg71UKM8ZEqDG 5kOOxTxRr50QckmGIIHok2jwYE11Rw1hnQipteb9tTWH4pDqLghGB+isTiYq/+q6 kth+AtOWD9OKlqytib7X1HboCUPmVdoqrjHepDFY4cm907O48ht5lMiLH9N+4axY /VN7Se8XzAcSi0UZUIl9QrYjai/FQuz6f1qjrl5ZBpLLavmP3xyWWECRL+q6KfWF XNwl/yT3rKmDWna6B0F2QfQthTAbKia8rfrxxfV8NV7xF5SMIDFCMKiQoPUG0VV8 d8p/tfw= -----END CERTIFICATE-----Generated at Mon Dec 22 11:12:51 2025 by rpki-client